|
 |
75d8e7 |
From 02544e617ce4dfffff15dab47463484ccdc9a51f Mon Sep 17 00:00:00 2001
|
|
|
75d8e7 |
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
|
75d8e7 |
Date: Wed, 15 Dec 2021 12:39:17 +0100
|
|
|
75d8e7 |
Subject: [PATCH 2/6] OvmfPkg: move tcg configuration to dsc and fdf include
|
|
|
75d8e7 |
files
|
|
|
75d8e7 |
|
|
|
75d8e7 |
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
|
|
|
75d8e7 |
RH-MergeRequest: 9: backport tpm build updates, disable tpm 1.2 support
|
|
|
75d8e7 |
RH-Commit: [2/6] d811b2cf266baa0fa3f958af0b80bb208f3fe27c (kraxel/centos-edk2)
|
|
|
75d8e7 |
RH-Bugzilla: 1935497
|
|
|
75d8e7 |
RH-Acked-by: Oliver Steffen <None>
|
|
|
75d8e7 |
|
|
|
75d8e7 |
With this in place the tpm configuration is not duplicated for each of
|
|
|
75d8e7 |
our four ovmf config variants (ia32, ia32x64, x64, amdsev) and it is
|
|
|
75d8e7 |
easier to keep them all in sync when updating the tpm configuration.
|
|
|
75d8e7 |
|
|
|
75d8e7 |
No functional change.
|
|
|
75d8e7 |
|
|
|
75d8e7 |
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
|
75d8e7 |
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
|
75d8e7 |
(cherry picked from commit b47575801e1903e8b316d01840572ce2681cf2c6)
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[ kraxel: solve conflict in OvmfPkg/AmdSev/AmdSevX64.dsc ]
|
|
|
75d8e7 |
---
|
|
|
75d8e7 |
OvmfPkg/AmdSev/AmdSevX64.dsc | 85 ++++-----------------------
|
|
|
75d8e7 |
OvmfPkg/AmdSev/AmdSevX64.fdf | 17 +-----
|
|
|
75d8e7 |
OvmfPkg/OvmfPkgIa32.dsc | 88 ++++------------------------
|
|
|
75d8e7 |
OvmfPkg/OvmfPkgIa32.fdf | 17 +-----
|
|
|
75d8e7 |
OvmfPkg/OvmfPkgIa32X64.dsc | 85 ++++-----------------------
|
|
|
75d8e7 |
OvmfPkg/OvmfPkgIa32X64.fdf | 17 +-----
|
|
|
75d8e7 |
OvmfPkg/OvmfPkgX64.dsc | 85 ++++-----------------------
|
|
|
75d8e7 |
OvmfPkg/OvmfPkgX64.fdf | 17 +-----
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmComponentsDxe.dsc.inc | 28 +++++++++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmComponentsPei.dsc.inc | 22 +++++++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmDefines.dsc.inc | 6 ++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmDxe.fdf.inc | 12 ++++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmLibs.dsc.inc | 14 +++++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmLibsDxe.dsc.inc | 8 +++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmLibsPeim.dsc.inc | 9 +++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmPcds.dsc.inc | 7 +++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmPcdsHii.dsc.inc | 8 +++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmPei.fdf.inc | 11 ++++
|
|
|
75d8e7 |
OvmfPkg/OvmfTpmSecurityStub.dsc.inc | 8 +++
|
|
|
75d8e7 |
19 files changed, 185 insertions(+), 359 deletions(-)
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmComponentsPei.dsc.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmDefines.dsc.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmDxe.fdf.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmLibs.dsc.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmLibsDxe.dsc.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmLibsPeim.dsc.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmPcds.dsc.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmPcdsHii.dsc.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmPei.fdf.inc
|
|
|
75d8e7 |
create mode 100644 OvmfPkg/OvmfTpmSecurityStub.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
|
75d8e7 |
index 88b65b9f59..8610602ddb 100644
|
|
|
75d8e7 |
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
|
75d8e7 |
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
|
|
|
75d8e7 |
@@ -32,8 +32,8 @@
|
|
|
75d8e7 |
# -D FLAG=VALUE
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
DEFINE SOURCE_DEBUG_ENABLE = FALSE
|
|
|
75d8e7 |
- DEFINE TPM_ENABLE = FALSE
|
|
|
75d8e7 |
- DEFINE TPM_CONFIG_ENABLE = FALSE
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmDefines.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# Shell can be useful for debugging but should not be enabled for production
|
|
|
75d8e7 |
@@ -203,16 +203,7 @@
|
|
|
75d8e7 |
SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
|
|
|
75d8e7 |
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
|
|
|
75d8e7 |
- Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
|
|
|
75d8e7 |
- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
- Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
|
|
|
75d8e7 |
- TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
|
|
|
75d8e7 |
-!else
|
|
|
75d8e7 |
- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
- TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibs.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[LibraryClasses.common]
|
|
|
75d8e7 |
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
|
|
|
75d8e7 |
@@ -286,11 +277,7 @@
|
|
|
75d8e7 |
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
|
|
|
75d8e7 |
QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
@@ -371,10 +358,8 @@
|
|
|
75d8e7 |
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
|
|
|
75d8e7 |
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
|
|
|
75d8e7 |
QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[LibraryClasses.common.UEFI_APPLICATION]
|
|
|
75d8e7 |
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
|
|
|
75d8e7 |
@@ -576,15 +561,10 @@
|
|
|
75d8e7 |
|
|
|
75d8e7 |
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPcds.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[PcdsDynamicHii]
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
@@ -625,24 +605,7 @@
|
|
|
75d8e7 |
UefiCpuPkg/CpuMpPei/CpuMpPei.inf
|
|
|
75d8e7 |
OvmfPkg/AmdSev/SecretPei/SecretPei.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
- SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# DXE Phase modules
|
|
|
75d8e7 |
@@ -664,10 +627,7 @@
|
|
|
75d8e7 |
|
|
|
75d8e7 |
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
|
|
|
75d8e7 |
<LibraryClasses>
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc
|
|
|
75d8e7 |
}
|
|
|
75d8e7 |
|
|
|
75d8e7 |
OvmfPkg/8259InterruptControllerDxe/8259.inf
|
|
|
75d8e7 |
@@ -830,27 +790,4 @@
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# TPM support
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
|
|
|
75d8e7 |
- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
- SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
|
|
|
75d8e7 |
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
|
75d8e7 |
index 325570c5a3..3f2329dab4 100644
|
|
|
75d8e7 |
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
|
75d8e7 |
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
|
|
|
75d8e7 |
@@ -156,13 +156,7 @@ INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
|
|
|
75d8e7 |
INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf
|
|
|
75d8e7 |
INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
-INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPei.fdf.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
|
|
|
75d8e7 |
@@ -311,14 +305,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# TPM support
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf
|
|
|
75d8e7 |
-!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmDxe.fdf.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
|
|
|
75d8e7 |
index fa42d919be..904176ccfc 100644
|
|
|
75d8e7 |
--- a/OvmfPkg/OvmfPkgIa32.dsc
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfPkgIa32.dsc
|
|
|
75d8e7 |
@@ -32,10 +32,10 @@
|
|
|
75d8e7 |
DEFINE SECURE_BOOT_ENABLE = FALSE
|
|
|
75d8e7 |
DEFINE SMM_REQUIRE = FALSE
|
|
|
75d8e7 |
DEFINE SOURCE_DEBUG_ENABLE = FALSE
|
|
|
75d8e7 |
- DEFINE TPM_ENABLE = FALSE
|
|
|
75d8e7 |
- DEFINE TPM_CONFIG_ENABLE = FALSE
|
|
|
75d8e7 |
DEFINE LOAD_X64_ON_IA32_ENABLE = FALSE
|
|
|
75d8e7 |
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmDefines.dsc.inc
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# Network definition
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
@@ -229,16 +229,7 @@
|
|
|
75d8e7 |
SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
|
|
|
75d8e7 |
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
|
|
|
75d8e7 |
- Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
|
|
|
75d8e7 |
- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
- Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
|
|
|
75d8e7 |
- TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
|
|
|
75d8e7 |
-!else
|
|
|
75d8e7 |
- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
- TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibs.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[LibraryClasses.common]
|
|
|
75d8e7 |
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
|
|
|
75d8e7 |
@@ -309,11 +300,7 @@
|
|
|
75d8e7 |
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
|
|
|
75d8e7 |
QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
@@ -401,10 +388,8 @@
|
|
|
75d8e7 |
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
|
|
|
75d8e7 |
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
|
|
|
75d8e7 |
QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[LibraryClasses.common.UEFI_APPLICATION]
|
|
|
75d8e7 |
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
|
|
|
75d8e7 |
@@ -643,19 +628,14 @@
|
|
|
75d8e7 |
|
|
|
75d8e7 |
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPcds.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
# IPv4 and IPv6 PXE Boot support.
|
|
|
75d8e7 |
gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01
|
|
|
75d8e7 |
gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[PcdsDynamicHii]
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
@@ -705,24 +685,7 @@
|
|
|
75d8e7 |
!endif
|
|
|
75d8e7 |
UefiCpuPkg/CpuMpPei/CpuMpPei.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
- SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# DXE Phase modules
|
|
|
75d8e7 |
@@ -747,10 +710,7 @@
|
|
|
75d8e7 |
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
|
75d8e7 |
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
|
|
|
75d8e7 |
!endif
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc
|
|
|
75d8e7 |
}
|
|
|
75d8e7 |
|
|
|
75d8e7 |
OvmfPkg/8259InterruptControllerDxe/8259.inf
|
|
|
75d8e7 |
@@ -1004,31 +964,5 @@
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# TPM support
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
|
|
|
75d8e7 |
- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
- SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(LOAD_X64_ON_IA32_ENABLE) == TRUE
|
|
|
75d8e7 |
- OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
|
|
|
75d8e7 |
index 51433836d6..8ba9ffc83e 100644
|
|
|
75d8e7 |
--- a/OvmfPkg/OvmfPkgIa32.fdf
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfPkgIa32.fdf
|
|
|
75d8e7 |
@@ -161,13 +161,7 @@ INF OvmfPkg/SmmAccess/SmmAccessPei.inf
|
|
|
75d8e7 |
!endif
|
|
|
75d8e7 |
INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
-INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPei.fdf.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
|
|
|
75d8e7 |
@@ -353,14 +347,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# TPM support
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf
|
|
|
75d8e7 |
-!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmDxe.fdf.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
!if $(LOAD_X64_ON_IA32_ENABLE) == TRUE
|
|
|
75d8e7 |
INF OvmfPkg/CompatImageLoaderDxe/CompatImageLoaderDxe.inf
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
|
75d8e7 |
index ef962565f8..aebd8980e4 100644
|
|
|
75d8e7 |
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
|
|
|
75d8e7 |
@@ -32,8 +32,8 @@
|
|
|
75d8e7 |
DEFINE SECURE_BOOT_ENABLE = FALSE
|
|
|
75d8e7 |
DEFINE SMM_REQUIRE = FALSE
|
|
|
75d8e7 |
DEFINE SOURCE_DEBUG_ENABLE = FALSE
|
|
|
75d8e7 |
- DEFINE TPM_ENABLE = FALSE
|
|
|
75d8e7 |
- DEFINE TPM_CONFIG_ENABLE = FALSE
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmDefines.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# Network definition
|
|
|
75d8e7 |
@@ -233,16 +233,7 @@
|
|
|
75d8e7 |
SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
|
|
|
75d8e7 |
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
|
|
|
75d8e7 |
- Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
|
|
|
75d8e7 |
- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
- Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
|
|
|
75d8e7 |
- TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
|
|
|
75d8e7 |
-!else
|
|
|
75d8e7 |
- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
- TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibs.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[LibraryClasses.common]
|
|
|
75d8e7 |
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
|
|
|
75d8e7 |
@@ -313,11 +304,7 @@
|
|
|
75d8e7 |
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
|
|
|
75d8e7 |
QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
@@ -405,10 +392,8 @@
|
|
|
75d8e7 |
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
|
|
|
75d8e7 |
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
|
|
|
75d8e7 |
QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[LibraryClasses.common.UEFI_APPLICATION]
|
|
|
75d8e7 |
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
|
|
|
75d8e7 |
@@ -655,9 +640,7 @@
|
|
|
75d8e7 |
|
|
|
75d8e7 |
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPcds.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[PcdsDynamicDefault.X64]
|
|
|
75d8e7 |
# IPv4 and IPv6 PXE Boot support.
|
|
|
75d8e7 |
@@ -665,10 +648,7 @@
|
|
|
75d8e7 |
gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[PcdsDynamicHii]
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
@@ -718,24 +698,7 @@
|
|
|
75d8e7 |
!endif
|
|
|
75d8e7 |
UefiCpuPkg/CpuMpPei/CpuMpPei.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
- SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[Components.X64]
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
@@ -761,10 +724,7 @@
|
|
|
75d8e7 |
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
|
75d8e7 |
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
|
|
|
75d8e7 |
!endif
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc
|
|
|
75d8e7 |
}
|
|
|
75d8e7 |
|
|
|
75d8e7 |
OvmfPkg/8259InterruptControllerDxe/8259.inf
|
|
|
75d8e7 |
@@ -1019,27 +979,4 @@
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# TPM support
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
|
|
|
75d8e7 |
- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
- SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
|
75d8e7 |
index a50f80e1e9..65d2600016 100644
|
|
|
75d8e7 |
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
|
|
|
75d8e7 |
@@ -164,13 +164,7 @@ INF OvmfPkg/SmmAccess/SmmAccessPei.inf
|
|
|
75d8e7 |
!endif
|
|
|
75d8e7 |
INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
-INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPei.fdf.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
|
|
|
75d8e7 |
@@ -363,14 +357,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# TPM support
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf
|
|
|
75d8e7 |
-!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmDxe.fdf.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
|
|
|
75d8e7 |
index ba9f9833b0..e85ac3d682 100644
|
|
|
75d8e7 |
--- a/OvmfPkg/OvmfPkgX64.dsc
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfPkgX64.dsc
|
|
|
75d8e7 |
@@ -32,8 +32,8 @@
|
|
|
75d8e7 |
DEFINE SECURE_BOOT_ENABLE = FALSE
|
|
|
75d8e7 |
DEFINE SMM_REQUIRE = FALSE
|
|
|
75d8e7 |
DEFINE SOURCE_DEBUG_ENABLE = FALSE
|
|
|
75d8e7 |
- DEFINE TPM_ENABLE = FALSE
|
|
|
75d8e7 |
- DEFINE TPM_CONFIG_ENABLE = FALSE
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmDefines.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# Network definition
|
|
|
75d8e7 |
@@ -233,16 +233,7 @@
|
|
|
75d8e7 |
SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
|
|
|
75d8e7 |
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
|
|
|
75d8e7 |
- Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
|
|
|
75d8e7 |
- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
- Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
|
|
|
75d8e7 |
- TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
|
|
|
75d8e7 |
-!else
|
|
|
75d8e7 |
- Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
- TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibs.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[LibraryClasses.common]
|
|
|
75d8e7 |
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
|
|
|
75d8e7 |
@@ -315,11 +306,7 @@
|
|
|
75d8e7 |
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
|
|
|
75d8e7 |
QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibsPeim.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
@@ -407,10 +394,8 @@
|
|
|
75d8e7 |
MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
|
|
|
75d8e7 |
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
|
|
|
75d8e7 |
QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmLibsDxe.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[LibraryClasses.common.UEFI_APPLICATION]
|
|
|
75d8e7 |
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
|
|
|
75d8e7 |
@@ -655,19 +640,14 @@
|
|
|
75d8e7 |
|
|
|
75d8e7 |
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPcds.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
# IPv4 and IPv6 PXE Boot support.
|
|
|
75d8e7 |
gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01
|
|
|
75d8e7 |
gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01
|
|
|
75d8e7 |
|
|
|
75d8e7 |
[PcdsDynamicHii]
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
|
|
|
75d8e7 |
- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPcdsHii.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
@@ -717,24 +697,7 @@
|
|
|
75d8e7 |
!endif
|
|
|
75d8e7 |
UefiCpuPkg/CpuMpPei/CpuMpPei.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
- OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
- SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmComponentsPei.dsc.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# DXE Phase modules
|
|
|
75d8e7 |
@@ -758,10 +721,7 @@
|
|
|
75d8e7 |
<LibraryClasses>
|
|
|
75d8e7 |
!if $(SECURE_BOOT_ENABLE) == TRUE
|
|
|
75d8e7 |
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmSecurityStub.dsc.inc
|
|
|
75d8e7 |
!endif
|
|
|
75d8e7 |
}
|
|
|
75d8e7 |
|
|
|
75d8e7 |
@@ -1017,27 +977,4 @@
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# TPM support
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
|
|
|
75d8e7 |
- HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
- NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
- SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
- SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf {
|
|
|
75d8e7 |
- <LibraryClasses>
|
|
|
75d8e7 |
- TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
- }
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
|
|
|
75d8e7 |
index dd1c6eded9..e5cbae2073 100644
|
|
|
75d8e7 |
--- a/OvmfPkg/OvmfPkgX64.fdf
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfPkgX64.fdf
|
|
|
75d8e7 |
@@ -180,13 +180,7 @@ INF OvmfPkg/SmmAccess/SmmAccessPei.inf
|
|
|
75d8e7 |
!endif
|
|
|
75d8e7 |
INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf
|
|
|
75d8e7 |
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
-INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmPei.fdf.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
|
|
|
75d8e7 |
@@ -379,14 +373,7 @@ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
# TPM support
|
|
|
75d8e7 |
#
|
|
|
75d8e7 |
-!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf
|
|
|
75d8e7 |
-!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
-INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
-!endif
|
|
|
75d8e7 |
+!include OvmfPkg/OvmfTpmDxe.fdf.inc
|
|
|
75d8e7 |
|
|
|
75d8e7 |
################################################################################
|
|
|
75d8e7 |
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..d5c2586118
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmComponentsDxe.dsc.inc
|
|
|
75d8e7 |
@@ -0,0 +1,28 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
+ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
|
|
|
75d8e7 |
+ <LibraryClasses>
|
|
|
75d8e7 |
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
|
|
|
75d8e7 |
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
+ }
|
|
|
75d8e7 |
+!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
+ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
+ SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {
|
|
|
75d8e7 |
+ <LibraryClasses>
|
|
|
75d8e7 |
+ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
+ }
|
|
|
75d8e7 |
+ SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf {
|
|
|
75d8e7 |
+ <LibraryClasses>
|
|
|
75d8e7 |
+ TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
+ }
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmComponentsPei.dsc.inc b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..99fa7c13b3
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmComponentsPei.dsc.inc
|
|
|
75d8e7 |
@@ -0,0 +1,22 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
+ OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
+ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
+ SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
+ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
|
|
|
75d8e7 |
+ <LibraryClasses>
|
|
|
75d8e7 |
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
|
|
|
75d8e7 |
+ }
|
|
|
75d8e7 |
+ SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf {
|
|
|
75d8e7 |
+ <LibraryClasses>
|
|
|
75d8e7 |
+ TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.inf
|
|
|
75d8e7 |
+ }
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmDefines.dsc.inc b/OvmfPkg/OvmfTpmDefines.dsc.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..51da7508b3
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmDefines.dsc.inc
|
|
|
75d8e7 |
@@ -0,0 +1,6 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+ DEFINE TPM_ENABLE = FALSE
|
|
|
75d8e7 |
+ DEFINE TPM_CONFIG_ENABLE = FALSE
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmDxe.fdf.inc b/OvmfPkg/OvmfTpmDxe.fdf.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..9dcdaaf01c
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmDxe.fdf.inc
|
|
|
75d8e7 |
@@ -0,0 +1,12 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
+INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
|
|
|
75d8e7 |
+INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
|
|
|
75d8e7 |
+INF SecurityPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf
|
|
|
75d8e7 |
+!if $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
+INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmLibs.dsc.inc b/OvmfPkg/OvmfTpmLibs.dsc.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..50100f2c03
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmLibs.dsc.inc
|
|
|
75d8e7 |
@@ -0,0 +1,14 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
+ Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
|
|
|
75d8e7 |
+ Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
|
|
|
75d8e7 |
+ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
+ Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
|
|
|
75d8e7 |
+ TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
|
|
|
75d8e7 |
+!else
|
|
|
75d8e7 |
+ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
|
|
|
75d8e7 |
+ TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmLibsDxe.dsc.inc b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..67d5027aba
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmLibsDxe.dsc.inc
|
|
|
75d8e7 |
@@ -0,0 +1,8 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
+ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
|
|
|
75d8e7 |
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmLibsPeim.dsc.inc b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..4e84e3dcaa
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmLibsPeim.dsc.inc
|
|
|
75d8e7 |
@@ -0,0 +1,9 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
|
|
|
75d8e7 |
+ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
|
|
|
75d8e7 |
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmPcds.dsc.inc b/OvmfPkg/OvmfTpmPcds.dsc.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..0e7f83c04b
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmPcds.dsc.inc
|
|
|
75d8e7 |
@@ -0,0 +1,7 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmPcdsHii.dsc.inc b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..164bc9c7fc
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmPcdsHii.dsc.inc
|
|
|
75d8e7 |
@@ -0,0 +1,8 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE
|
|
|
75d8e7 |
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
|
|
|
75d8e7 |
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmPei.fdf.inc b/OvmfPkg/OvmfTpmPei.fdf.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..9aefd73d21
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmPei.fdf.inc
|
|
|
75d8e7 |
@@ -0,0 +1,11 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
+INF OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
|
|
|
75d8e7 |
+INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
|
|
|
75d8e7 |
+INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
|
|
|
75d8e7 |
+INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
|
|
|
75d8e7 |
+INF SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
diff --git a/OvmfPkg/OvmfTpmSecurityStub.dsc.inc b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc
|
|
|
75d8e7 |
new file mode 100644
|
|
|
75d8e7 |
index 0000000000..4bd4066843
|
|
|
75d8e7 |
--- /dev/null
|
|
|
75d8e7 |
+++ b/OvmfPkg/OvmfTpmSecurityStub.dsc.inc
|
|
|
75d8e7 |
@@ -0,0 +1,8 @@
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
|
|
75d8e7 |
+##
|
|
|
75d8e7 |
+
|
|
|
75d8e7 |
+!if $(TPM_ENABLE) == TRUE
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
|
|
|
75d8e7 |
+ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
|
|
|
75d8e7 |
+!endif
|
|
|
75d8e7 |
--
|
|
|
75d8e7 |
2.27.0
|
|
|
75d8e7 |
|